[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

Adam, I'm assigning to you so you can track and close when done ** Changed in: keystone (Ubuntu) Assignee: (unassigned) = Adam Gandelman (gandelman-a) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu.

[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

I think the branch confusion caused this not to be closed out by Janitor? Either way, it was addressed in keystone 2012.1~e2~20111202.1379-0ubuntu2. ** Changed in: keystone (Ubuntu) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu

[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

** This bug has been flagged as a security vulnerability -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/900553 Title: Any user can manage the keystone database via keystone-manage

[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

I'm going to go ahead and unsubscribe ubuntu-sponsors from this bug - branch merge requests are automatically added to the sponsorship queue. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu.

[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

** Branch linked: lp:~gandelman-a/ubuntu/precise/keystone/lp900553 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/900553 Title: Any user can manage the keystone database via

[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

** Branch linked: lp:~gandelman-a/ubuntu/precise/keystone/lp900553 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/900553 Title: Any user can manage the keystone database via

[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

** Branch linked: lp:~ubuntu-server-dev/keystone/essex -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/900553 Title: Any user can manage the keystone database via keystone-manage

[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

On second look, /etc/keystone/keystone.conf ( like every other openstack component) stores its database credentials as plain text sqlalchemy string. This is should be installed non-world readable. -- You received this bug notification because you are a member of Ubuntu Server Team, which is

[Bug 900553] Re: Any user can manage the keystone database via keystone-manage

** Branch linked: lp:~gandelman-a/ubuntu/precise/keystone/900553 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/900553 Title: Any user can manage the keystone database via